Vulnerabilities > CVE-2003-0609 - Unspecified vulnerability in SUN Solaris and Sunos

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
sun
exploit available
NVD
Published: 2003-08-27
Updated: 2018-10-30

Summary

Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.

Vulnerable Configurations

Part Description Count
OS
Sun
8

Exploit-Db

  • descriptionSolaris 2.6/7/8/9 (ld.so.1) Local Root Exploit (sparc). CVE-2003-0609. Local exploit for solaris platform
    idEDB-ID:1182
    last seen2016-01-31
    modified2004-12-24
    published2004-12-24
    reporterMarco Ivaldi
    sourcehttps://www.exploit-db.com/download/1182/
    titleSolaris 2.6/7/8/9 ld.so.1 Local Root Exploit sparc
  • descriptionSolaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version). CVE-2003-0609. Local exploit for solaris platform
    idEDB-ID:114
    last seen2016-01-31
    modified2003-10-27
    published2003-10-27
    reporterosker178
    sourcehttps://www.exploit-db.com/download/114/
    titleSolaris Runtime Linker ld.so.1 - Buffer Overflow Exploit SPARC version

Oval

accepted2005-02-23T09:25:00.000-04:00
classvulnerability
contributors
nameBrian Soby
organizationThe MITRE Corporation
descriptionStack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
familyunix
idoval:org.mitre.oval:def:3601
statusaccepted
submitted2004-12-29T12:00:00.000-04:00
titleRuntime linker, ld.so.1 LD_PRELOAD Envvar Buffer Overflow
version35

Seebug

bulletinFamilyexploit
descriptionNo description provided by source.
idSSV:5361
last seen2017-11-19
modified2006-10-28
published2006-10-28
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-5361
titleSolaris 2.6/7/8/9 (ld.so.1) Local Root Exploit (sparc)

References